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EXAMINER'S AMENDMENT 

1 . An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .31 2. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Pedro Suarez (Reg. No. 45,895) on 01/11/2011. 

The application has been amended as follows: 

1 . (Currently Amended) A method, comprising: 

using an authentication message to signal service selection information via a first 
network to an authentication server of a second network, the service selection 
information indicating an access point, wherein the first and second networks are 
distinct , wherein the authentication message signals the service selection information 
via the first network to an authentication server of the second network : and 

using the service selection information to connect to at least one service provided 
over the access point indicated by the service selection information, 

selecting, using the authentication server, a gateway in the second network to 
connect to the first network; 

wherein the service selection information comprises at least one access point 
name parameter, 
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wherein the at least one access point parameter comprises an access point 
name, a username, and a password, and 

wherein the at least one access point name parameter is encrypted in the 
authentication message so that the access point name can be decrypted or read by an 
access server, and the user name and the password can only be decrypted at a 
network defined by the access point name. 

2. (Previously Presented) A method according to claim 1 , wherein the first 
network comprises a wireless local area network, wherein the second network 
comprises a cellular packet-switched network different from the first network, and the 
authentication message comprises an extensible authentication protocol message. 

3. (Previously Presented) A method according to claim 1 , wherein the 
second network is a cellular packet-switched network. 

4. (Previously Presented) A method according to claim 3, wherein the 
cellular packet-switched network is a general packet radio service network. 

5. (Previously Presented) A method according to claim 1 , wherein the 
authentication message is an extensible authentication protocol message. 

6. (Previously Presented) A method according to claim 5, wherein the 
extensible authentication protocol message is an extensible authentication protocol 
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subscriber identity module or extensible authentication protocol authentication and key 
agreement message. 

7. (Previously Presented) A method according to claim 5, wherein the 
authentication message is an extensible authentication protocol challenge response 
message. 

8-11 (Cancelled) 

12. (Previously Presented) An apparatus, comprising: 

a processor configured to connect first and second distinct networks and extract 
from a received authentication message a service selection information to select a 
service, wherein the authentication message signals the service selection information 
via the first network to an authentication server of the second network, 

wherein the processor is configured to use the service selection information to 
establish a connection to services provided over an access point indicated by the 
service selection information, 

wherein the service selection information comprises at least one access point 
name parameter, 

wherein the processor is configured to select a gateway in the second network to 
connect to the first network; 

wherein the at least one access point name parameter comprises an access 
point name, a username, and a password, and 
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wherein the at least one access point name parameter is encrypted in the 
authentication message so that the access point name can be decrypted or read by an 
access server, and the user name and the password can only be decrypted at a 
network defined by the access point name. 

1 3. (Previously Presented) The apparatus according to claim 1 2, wherein the 
received authentication message is based on an extensible authentication protocol. 

1 4. (Previously Presented) The apparatus according to claim 1 3, wherein the 
received authentication message is an extensible authentication protocol challenge 
response message. 

1 5. (Previously Presented) The apparatus according to claim 1 2, wherein the 
processor is a standalone wireless local area network authentication server. 

1 6. (Previously Presented) The apparatus according to claim 1 2, wherein the 
processor is a gateway general packet radio service support node. 

17-18 (Cancelled) 

1 9. (Previously Presented) The apparatus according to claim 1 2, wherein the 
at least one access point name parameter is decrypted in the processor. 
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20. (Previously Presented) The apparatus according to claim 12, wherein the 
at least one access point name parameter is forwarded by the processor to the access 
point in an encrypted manner. 

21 . (Previously Presented) An apparatus, comprising: 

a processor configured to connect first and second distinct networks and to set, 
in an authentication message, a service selection information regarding selection of a 
network service, wherein the authentication message signals the service selection 
information via the first network to an authentication server of the second network, 

wherein the service selection information comprises at least one access point 
name parameter, 

wherein the at least one access point name parameter comprises an access 
point name, a username, and a password, and 

wherein the at least one access point name parameter is encrypted in the 
authentication message so that said the access point name can be decrypted or read by 
an access server, and the user name and the password can only be decrypted at a 
network defined by the access point name, 

wherein the access server is configured to select a gateway in the second 
network to connect to the first network. 

22. (Previously Presented) The apparatus according to claim 21 , wherein the 
authentication message is an extensible authentication protocol message. 
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23. (Previously Presented) The apparatus according to claim 22, wherein the 
extensible authentication protocol message is an extensible authentication protocol 
challenge response message. 

24. (Previously Presented) The apparatus according to claim 23, wherein the 
extensible authentication protocol challenge response message is an extensible 
authentication protocol subscriber identity module or extensible authentication protocol 
authentication and key agreement challenge response message. 

25. (Cancelled) 

26. (Previously Presented) The apparatus according to claim 21 , wherein the 
service is a general packet radio service. 

27. (Previously Presented) A system, comprising: 

a terminal device connected to a first network configured to provide access to a 
network service, the terminal device configured to set, in an authentication message, a 
service selection information regarding selection of the network service, wherein the 
authentication message signals the service selection information via the first network to 
an authentication server of a second network; and 

an authentication server device connected to the second network, the 
authentication server device configured to provide an authentication mechanism, the 
authentication server device configured to extract from a received authentication 
message the service selection information to select the service, and to use the service 
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selection information to establish a connection to services provided over an access 
point indicated by the service selection information, wherein the authentication server is 
configured to select a gateway in the second network to connect to the first network, 

wherein the service selection information comprises at least one access point 
name parameter, 

wherein the first and second networks are distinct, 

wherein the at least one access point name parameter comprises an access 
point name, a username, and a password, and 

wherein the at least one access point name parameter is encrypted in the 
authentication message so that the access point name can be decrypted or read by an 
access server, and the user name and the password can only be decrypted at a 
network defined by the access point name. 

28. (Currently Amended) A method, comprising: 

extracting, by a processor coupled to a second network, from a received 

authentication message received via a first network a service selection information to 

select a service; 

selecting, using the processor coupled to the second network, a gateway in the 
second network to connect to the first network , wherein the authentication message 
signals the service selection information via the first network to an authentication server 



of the second network : and 
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using, by the processor coupled to the second network, the service selection 
information to establish a connection to services provided over an access point 
indicated by the service selection information, 

wherein the service selection information comprises at least one access point 
name parameter, 

wherein the first and second networks are distinct, 

wherein the at least one access point name parameter comprises an access 
point name, a username, and a password, and 

wherein the at least one access point name parameter is encrypted in the 
authentication message so that the access point name can be decrypted or read by an 
access server, and the user name and the password can only be decrypted at a 
network defined by the access point name. 

29. (Currently Amended) A method, comprising: 

setting in an authentication message sent via a first network to a second network 
a service selection information regarding selection of a network service at a terminal 
device, wherein the authentication message signals the service selection information via 
the first network to an authentication server of the second network: 

selecting a gateway in the second network to connect to the first network; 

wherein the service selection information comprises at least one access point 
name parameter, 

wherein the first and second networks are distinct, 
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wherein the at least one access point name parameter comprises an access 
point name, a username, and a password, and 

wherein the at least one access point name parameter is encrypted in the 
authentication message so that the access point name can be decrypted or read by an 
access server, and the user name and the password can only be decrypted at a 
network defined by the access point name. 

30. (Currently Amended) A non-transitory computer-readable storage medium 
encoded with instructions configured to control a processor to perform a process, the 
process comprising: 

using an authentication message to signal a service selection information via a 
first network to a second network, wherein the first and second networks are distinct; 

using the service selection information to select a gateway in the second network 
to connect to the first network , wherein the authentication message signals the service 
selection information via the first network to an authentication server of the second 
network : and 

using the service selection information to connect to services provided over an 
access point indicated by the service selection information, 

wherein the service selection information comprises at least one access point 
name parameter, 

wherein the at least one access point name parameter comprises an access 
point name, a username, and a password, and 
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wherein the at least one access point name parameter is encrypted in the 
authentication message so that the access point name can be decrypted or read by an 
access server, and the user name and the password can only be decrypted at a 
network defined by the access point name. 

31 -32. (Cancelled) 

33. (Previously Presented) A non-transitory computer-readable storage 
medium encoded with instructions configured to control a processor to perform a 
process, the process comprising: 

extracting, using a processor connected to a second network, from a received 
authentication message from a first network, a service selection information to select a 
service, wherein the authentication message signals the service selection information 
via the first network to an authentication server of the second network; 

selecting a gateway in the second network to connect to the first network, 
wherein the first and second networks are distinct; 

using the service selection information to establish a connection to services 
provided over an access point indicated by the service selection information, 

wherein the service selection information comprises at least one access point 
name parameter, 

wherein the at least one access point name parameter comprises an access 
point name, a username, and a password, and 
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wherein the at least one access point name parameter is encrypted in said 
authentication message so that the access point name can be decrypted or read by an 
access server, and the user name and the password can only be decrypted at a 
network defined by the access point name. 

34. (Currently Amended) A non-transitory computer-readable storage medium 
encoded with instructions configured to control a processor to perform a process, the 
process comprising: 

setting in an authentication message a service selection information regarding 
selection of a network service, 

sending the authentication message from via a first network to an authentication 
server coupled to a second network, wherein the first and second networks are distinct 
and wherein the authentication message signals the service selection information via 
the first network to an authentication server of the second network : 

selecting a gateway in the second network to connect to the first network; 

wherein the service selection information comprises at least one access point 
name parameter, 

wherein the at least one access point name parameter comprises an access 
point name, a username, and a password, and 

wherein the at least one access point name parameter is encrypted in the 
authentication message so that the access point name can be decrypted or read by an 
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access server, and the user name and the password can only be decrypted at a 
network defined by the access point name. 

35-36 (Cancelled) 

37. (Previously Presented) The method according to claim 28, wherein the 
received authentication message is based on an extensible authentication protocol. 

38. (Previously Presented) The method according to claim 37, wherein the 
received authentication message is an extensible authentication protocol challenge 
response message. 

39-40. (Cancelled) 

41 . (Previously Presented) The method according to claim 28, further 
comprising: 

decrypting the at least one access point name parameter. 

42. (Previously Presented) The method according to claim 28, further 
comprising: 

forwarding the at least one access point name parameter to the access point in 
an encrypted manner. 

43. (Previously Presented) The method according to claim 29, wherein the 
authentication message is an extensible authentication protocol message. 
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44. (Previously Presented) The method according to claim 43, wherein the 
extensible authentication protocol message is an extensible authentication protocol 
challenge response message. 

45. (Previously Presented) The method according to claim 44, wherein the 
extensible authentication protocol challenge response message is an extensible 
authentication protocol subscriber identity module or extensible authentication protocol 
authentication and key agreement challenge response message. 

46. (Cancelled) 

47. (Previously Presented) The method according to claim 29, wherein the 
service is a general packet radio service. 

48. (Previously Presented) An apparatus, comprising: 

extracting means connected to a second network for extracting from a received 
authentication message from a first network, a service selection information to select a 
service, wherein the authentication message signals the service selection information 
via the first network to an authentication server of the second network; and 

controlling means for using the service selection information to establish a 
connection to services provided over an access point indicated by the service selection 
information, and for selecting a gateway in the second network to connect to the first 
network, wherein the first and second networks are distinct, 
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wherein the service selection information comprises at least one access point 
name parameter, 

wherein the at least one access point name parameter comprises an access 
point name, a username, and a password, and 

wherein the at least one access point name parameter is encrypted in the 
authentication message so that the access point name can be decrypted or read by an 
access server, and the user name and the password can only be decrypted at a 
network defined by the access point name. 

49. (Previously Presented) An apparatus, comprising: 

setting means for setting in an authentication message a service selection 
information regarding selection of a network service; and 

sending means for sending the authentication message through a first network to 
a second network, wherein the first and second networks are distinct, wherein the 
authentication message is used by the second network to select a gateway in the 
second network to connect to the first network, 

wherein the service selection information comprises at least one access point 
name parameter, 

wherein the at least one access point name parameter comprises an access 
point name, a username, and a password, and 

wherein the at least one access point name parameter is encrypted in the 
authentication message so that the access point name can be decrypted or read by an 
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access server, and the user name and the password can only be decrypted at a 
network defined by the access point name. 

2. The following is an examiner's statement of reasons for allowance: 

Claims 1-7, 12-16, 19-24, 26-30, 33, 34, 37, 38, 41-45, 47-49 are allowed in view 

of Applicant's remarks, amendments and submissions filed 05/28/2010 and further in 

view of the approved Examiner's Amendment to the claims. 

Specifically, regarding claim 1, and similarly claims 12, 21, 27-30, 33, 34, 48, and 

49, the prior art of record does not expressly: 

A method, comprising: 

using an authentication message to signal service selection information via a first 
network to an authentication server of a second network, the service selection 
information indicating an access point, wherein the first and second networks are 
distinct, wherein the authentication message signals the service selection 
information via the first network to an authentication server of the second 
network : and 

using the service selection information to connect to at least one service 
provided over the access point indicated by the service selection information , 

selecting, using the authentication server, a gateway in the second network to 
connect to the first network; 
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wherein the service selection information comprises at least one access point 
name parameter, 

wherein the at least one access point parameter comprises an access point 
name, a username, and a password, and 

wherein the at least one access point name parameter is encrypted in the 
authentication message so that the access point name can be decrypted or read by an 
access server, and the user name and the password can only be decrypted at a 
network defined by the access point name. 

Although Bjelland discloses a terminal request include specified access 
parameters, Bjelland fails to disclose provisioning service selection information 
indicating an access point via a first network to an authentication server of the second 
network. Furthermore, while this request provides the service selection within a PDP 
context, the request is not provide within an authentication message. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to ARIEL BALAOING whose telephone number is 
(571)272-7317. The examiner can normally be reached on Monday- Friday from 8:00 
AM to 4:30 PM. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Dwayne Bost can be reached on (571) 272-7023. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Ariel Balaoing/ 
Examiner, Art Unit 2617 

/A. BJ 

Examiner, Art Unit 2617 



